Pages

Friday, 22 June 2018

Spam from China

In my de-spammer, I have a category of email I call "non-roman". This is all email in alphabets that I cannot read. Maybe it's spam, maybe it isn't, but if I can't read it, I'll never know.

In the last week or so, there has been a huge rise in spam in Chinese. This is only part of what arrived in the last several hours. Over the same time period, there were only 24 spams that weren't in Chinese.


Monday, 11 June 2018

IPv6

IPv4 is the old familiar Internet Protocol, You get addresses like 12.34.56.121, four numbers in the range 0 to 255. That means there are 2 to the power 32 possible IP addresses.

When this was designed, that sounded like a lot, enough for indefinite use. This is 4 billion addresses, which is enough for half the people on the planet. Plenty, yes? No. They didn't anticipate the huge popularity of the internet, and it turns out that these 4 billion addresses are not enough. And there is an IP address shortage.

Enter IPv6

This consists of eight numbers instead of four. Which is 16 billion billion addresses. And that should be enough for a long time.

But.

Everyone uses IPv4 today. And people keep saying "We have to move to IPv6" because we've run out of IPv4 addresses.

And they've been saying that for seven years now.

So today, I decided to start making a move. Step one, talk to TalkTalk, to get some IPv6 addresses, and for them to route them to my connection. So I contacted TalkTalk.

 Huh.

They don't do IPv6. In April 2017, their Chief Operating Officer said that they will in future. But in the 14 months since then, there's been a deafening silence. And when I asked their tech people, they said they don't do IPv6 and didn't know when they might.

So I explained that when my contract comes up for renewal, the existence of IPv6 support will definitely be a factor in which service provider I choose.

I can't believe that they haven't done this yet.

Saturday, 2 June 2018

Barclays Merchant Services, and VAT

Six months ago, BMS (Barclays Merchant Services) changed over to a new accounting system. So when the first new bill arrived, in a totally different format from the old bill, I compared the old with the new, and I found a major discrepency. Previously, they had been charging me £50-£60 VAT each month. Suddenly, the VAT number was £5.

So I called them up. Either the old figure was inflated, or the new figure was too low. It took them about six months to look into it, and eventually, I got a nice refund from them.

I wondered, then, what they would do about all their other customers. Now I know. I just got a form letter from them, explaining about this.

This blunder must have cost them a lot.

TLS 1.2

From a few weeks from now, data transfer with Barclaycard must use the encryption of TLS 1.2. This is a good idea, because it's currently the strongest protocol available.

Wow. I remember when the only way to do this, was for me to print everything out on paper, and trundle down to the bank with it. They would ship it off to their data center, and someone there would type it all in!

So anyway. I upgraded my systems to TLS 1.2 six months ago. But I got a reminder from them, and, suddenly nervous about whether it was all working right, I phoned them up to check. They checked my recent uploads, and confirmed that I was indeed using TLS 1.2

But I wonder how many companies are going to be caught short by this.

Sunday, 27 May 2018

Uploading files to web pages

This turned out to be a bit more tricky than I had thought.

You have to use a cgi that starts off like this:

 <FORM method="post" action="upload.cgi" ENCTYPE="multipart/form-data">

And then there will be various elements to the form, depending on what other data you want, and then:

Upload:          <INPUT TYPE=file NAME=filename>

Then you parse the result of the cgi using

use CGI::cgi_lite;


$cgi = new CGI_Lite ();
$cgi->set_directory ($images) || die "Directory $images doesn't exist.\n";
$cgi->set_file_type ("handle");
%in = $cgi->parse_form_data ();


The name of the file will be in $in{'filename'};

And the file itself will be in the $images directory that you set. But, the filename will have an extra 11 characters appended to it, that's to ensure that the name is unique. If you want the original filename, you have to strip those off.

Then the thing that really threw me. If the original filename contains spaces, then $in{'filename'} doesn't contain the filename, it contains the bytes of the file itself!
I have no idea why.

open UPLOAD, ">$images/upload.file";
binmode UPLOAD;
print UPLOAD $in{'filename'};
close UPLOAD;

Then you'll have to rename the file to something unique.

Friday, 25 May 2018

Facebook security

Facebook recently announced that they tightened up their security, and have removed 583 fake accounts.

And they've put uip a notice saying that if you log in from a different computer, they're going to do a check on whether you're really you. Which sounds nice.

So we went away for a few days, and I logged in from the hotel's wifi, using a portable I took with me. So the IP address was different, and if Facebook had dumped any cookies on my computer, they weren't on this laptop.

Facebook immediately spat me out. So this is their security is in action. But what happened next ...

They asked me for a mobile number, so they could send a six digit verification code. Obviously I'm not going to give them my usual number. I dn't want to start getting spam on it.

So, I went around the houses. I have an old iPhone 4, inherited from Ladysolly a while back, and just festering in a drawer. I went to Vodafone to get it unlocked, which was pretty easy. Then I did a full reset, to wipe off all the data.

Then I went to freedompop.com. You pay £7 or so, and you get free minutes, texts and data. Not very much, and I think they're hoping I'll top up and pay for more. But I won't. And as a surprise, they gave me a second sim for an extra 1p. Nice. So I put the sim into the old iPhone, and gave Facebook that number.

And Facebook was happy, and I was happy, and everything is tickety-boo.

But.

Facebook didn't actually do any verification of me at all. All they verified, is that the person who logged in, also owns a phone.

It's just more "Security Theatre".

So. In future, when I go away, I'll VNC into the computer that Facebook expects me to be using, and they'll never know that I'm hundreds of miles away, using my laptop. I tested it, and it works fine.




Thursday, 24 May 2018

Mouse pad

Mouse pads are important. You want something that isn't too rough and isn't too smooth, and which is big enough for your mouse movements, but not so big that it takes up too much desk.

Also, I want a gel pad for my wrist to rest on, so I don't get tendonitis.

For many, many years, I've been using the Fellowes "Gel wrist rest and mouse pad". They must be more than ten years old now, and they still work great.

So I just bought four more on Ebay, about £12 each.

Recommended.